LAGIMONIER et al. - Appln. No. 09/932,982 

Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of 
claims in the application: 

Listing of Claims: 

1. (currently amended) A method of processing out-of-order 
messages, comprising: 

determining a largest nonce value yet seen from a nonce value of 
a n out-of-order received message; 

comparing a nonce value of a received out-of-order message with 
said largest nonce value yet seen; 

comparing said nonce value to an acceptance window in response 
to said nonce value not exceeding said largest nonce value yet seen; and 

rejecting said received out-of-order message in response to said 
nonce value falling outside said acceptance window. 

2. (original) The method according to claim 1, further comprising: 
designating said nonce value as a nonce value seen in response to 

said nonce value exceeding said largest nonce value yet seen. 

3. (original) The method according to claim 1, further comprising: 
replacing said largest nonce value yet seen with said nonce value 

in response to said nonce value exceeding said largest nonce value yet seen. 

4. (original) The method according to claim 1 , further comprising: 
adjusting an acceptance window based on said nonce value in 

response to said nonce value exceeding said largest nonce value yet seen. 

5. (currently amended) The method according to claim 1, further 

comprising: 

designating said received out-of-order message as a replay attack. 
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6. (currently amended) The method according to claim 1, further 

comprising: 

comparing said nonce value to a window mask value in response to 
said nonce value falling within said acceptance window; and 

rejecting said received out-of-order message in response to an 
outcome of said comparison of said nonce value to said window mask value 
being true. 

7. (currently amended) The method according to claim 6, further 

comprising: 

designating said received out-of-order message as part of a replay 

attack. 

8. (currently amended) The method according to claim 1, further 

comprising: 

comparing said nonce value to a window mask value in response to 
said nonce value falling within said acceptance window; and 

accepting said received out-of-order message in response to an 
outcome of said comparison of said nonce value to said window mask value 
being false. 

9. (original) The method according to claim 8, further comprising: 
designating said nonce value as a nonce value seen. 
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10. (currently amended) An apparatus for processing out-of-order 
messages, said apparatus comprising: 

a communication interface configured to transmit and receive a 
plurality of packets; and 

a controller, wherein said controller is configured to: 

determine a largest nonce value yet seen from a nonce 
value of a received out-of-order message; 

compare a nonce value of a received out-of-order message 
and said largest nonce value yet seen; 

compare said nonce value to an acceptance window in 
response to said nonce value not exceeding said largest nonce 
value yet seen; and 

reject said received out-of-order message in response to 
said nonce value falling outside said acceptance window. 

11. (previously presented) The apparatus according to claim 10, 

wherein: 

said controller is further configured to designate said nonce value 
as said largest nonce value yet seen in response to said nonce value exceeding 
said largest nonce value yet seen. 

12. (previously presented) The apparatus according to claim 10, 

wherein: 

said controller is further configured to adjust an acceptance window 
in response to said largest nonce value yet seen in response to said nonce value 
exceeding said largest nonce value yet seen. 
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13. (previously presented) The apparatus according to claim 10, 

wherein: 

said controller is further configured to replace said largest nonce 
value yet seen with said nonce value in response to said nonce value exceeding 
said largest nonce value yet seen. 

14. (currently amended) The apparatus according to claim 10, 

wherein: 

said controller is further configured to designate said received out: 
of-order message as part of a replay attack. 

15. (currently amended) The apparatus according to claim 10, 
wherein said controller is further configured to: 

compare said nonce value to a window mask value in response to 
said nonce value falling within said acceptance window; and 

reject said received out-of-order message in response to an 
outcome of said comparison of said nonce value to said window mask value 
being true. 

16. (currently amended) The apparatus according to claim 15, 

wherein: 

said controller is further configured to designate said received out; 
of-order message as part of a replay attack. 

17. (currently amended) The apparatus according to claim 10, 
wherein said controller is configured to: 

compare said nonce value to a window mask value in response to 
said nonce value falling within said acceptance window; and 

accept said received out-of-order message in response to an 
outcome of said comparing of said nonce value to said window mask value being 
false. 
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18. (previously presented) The apparatus according to claim 17, 

wherein: 

said controller is further configured to mark said nonce value as a 
nonce value seen. 

19. (currently amended) A computer readable storage medium on 
which is embedded one or more computer programs, said one or more computer 
programs implementing a method of processing out-of-order messages, said one 
or more computer programs comprising a set of instructions for: 

determining a largest nonce value yet seen from a nonce value of a 
received out-of-order message; 

comparing a nonce value of a received out-of-order message and 
said largest nonce value yet seen; 

comparing said nonce value to an acceptance window in response 
to said nonce value not exceeding said largest nonce value yet seen; and 

rejecting said received out-of-order message in response to said 
nonce value not falling within said acceptance window. 

20. (original) The computer readable storage medium in according 
to claim 19, said one or more computer programs further comprising a set of 
instructions for: 

designating said nonce value as a nonce value seen in response to 
said nonce value exceeding said largest nonce value yet seen. 

21. (original) The computer readable storage medium in according 
to claim 19, said one or more computer programs further comprising a set of 
instructions for: 

replacing said largest nonce value yet seen with said nonce value 
in response to said nonce value exceeding said largest nonce value yet seen. 
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22. (original) The computer readable storage medium in according 
to claim 19, said one or more computer programs further comprising a set of 
instructions for: 

adjusting an acceptance window based on said nonce value in 
response to said nonce value exceeding said largest nonce value yet seen. 

23. (currently amended) The computer readable storage medium in 
according to claim 19, said one or more computer programs further comprising a 
set of instructions for: 

designating said received out-of-order message as a replay attack. 

24. (currently amended) The computer readable storage medium in 
according to claim 19, said one or more computer programs further comprising a 
set of instructions for: 

comparing said nonce value to a window mask value in response to 
said nonce value falling within said acceptance window; and 

rejecting said received out-of-order message in response to an 
outcome of said comparison of said nonce value to said window mask value 
being true. 

25. (currently amended) The computer readable storage medium in 
according to claim 24, said one or more computer programs further comprising a 
set of instructions for: 

designating said received out-of-order message as part of a replay 

attack. 
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26. (currently amended) The computer readable storage medium in 
according to claim 19, said one or more computer programs further comprising a 
set of instructions for: 

comparing said nonce value to a window mask value in response to 
said nonce value falling within said acceptance window; and 

accepting said received out-of-order message in response to an 
outcome of said comparing of said nonce value to said window mask value being 
false. 



27. (original) The computer readable storage medium in according 
to claim 26, said one or more computer programs further comprising a set of 
instructions for: 

designating said nonce value as a nonce value seen. 

28. (currently amended) A system for processing out-of-order 
messages in a peer-to-peer configuration, comprising: 

a first peer configured to provide secure communication; 

a second peer configured to provide said secure communication; 

and 

a secure communication module configured to be executed by said 
first peer and second peer, wherein said secure communication module is 
configured to: 

determine a largest nonce value yet seen from a nonce 
value of a received out-of-order message; 

compare said nonce value to a filter in response to a nonce 
value of a received out-of-order packet not exceeding said largest 
nonce value yet seen; 

compare said nonce value to a replay mask; and 

accept said received out-of-order packet in response to said 
comparison of said nonce value and said replay mask being false. 
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29. (previously presented) The system according to claim 28, 

wherein: 

said secure communication module is further configured to 
designate said nonce value as said largest nonce value yet seen in response to 
said nonce value exceeding said largest nonce value yet seen. 

30. (previously presented) The system according to claim 28, 

wherein: 

said secure communication module is further configured to adjust 
said filter based on said largest nonce value yet seen in response to said nonce 
value exceeding said largest nonce value yet seen. 

31. (currently amended) The system according to claim 28, 

wherein: 

said secure communication module is further configured to reject 
said received out-of-order packet in response to said nonce value falling outside 
said filter. 

32. (currently amended) The system according to claim 31, 

wherein: 

said secure communication module is further configured to 
designate said received out-of-order packet as part of a replay attack. 

33. (currently amended) The system according to claim 32, 

wherein: 

said secure communication module is further configured to reject 
said received out-of-order packet in response to said comparison of said nonce 
value and said replay mask being true. 



-9- 



LAGIMONIER et al. - Appln. No. 09/932,982 



34. (currently amended) The system according to claim 33, 

wherein: 

said secure communication module is further configured to 
designate said received out-of-order packet as part of a replay attack. 

35. (currently amended) The system according to claim 28, 

wherein: 

said secure communication module is further configured to reject 
said received out-of-order packet in response to said nonce value fails to fall 
within said filter and said secure communication module is further configured to 
designate said received out-of-order packet as part of a replay attack. 

36. (currently amended) An interceptor device for processing out- 
of-order messages, said interceptor device comprising: 

a network interface; 

an expected sequence register configured to enumerate an 
expected sequence number of a packet received out-of-order from a second 
network device; 

a memory configured to store a replay mask; and 
a controller, wherein said controller is configured to: 

determine a largest nonce value yet seen from a nonce 
value of a received out-of-order message; 

compare said nonce value to a filter in response to a 
sequence number of a received out-of-order packet via said 
network interface does not exceed said largest sequence number 
yet seen retrieved from said expected sequence register; 

compare said sequence number to said replay mask 
retrieved from said memory; and 

accept said received out-of-order packet in response to said 
comparison of said sequence number and said replay mask is 
false. 
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37. (previously presented) The interceptor device according to 
claim 36, wherein: 

said controller is further configured to designate said sequence 
number as said largest sequence number yet seen in response to said sequence 
number exceeding said largest sequence number yet seen. 

38. (previously presented) The interceptor device according to 
claim 36, wherein: 

said controller is further configured to adjust said filter based on 
said largest sequence number yet seen in response to said sequence number 
exceeding said largest sequence number yet seen. 

39. (currently amended) The interceptor device according to claim 

36, wherein: 

said controller is further configured to reject said received out-of- 
order packet in response to said sequence number falling outside said filter. 

40. (currently amended) The interceptor device according to claim 

36, wherein: 

said controller is further configured to designate said received out- 
of-order packet as part of a replay attack. 

41. (currently amended) The interceptor device according to claim 

36, wherein: 

said controller is further configured to reject said received out-of- 
order packet in response to said comparison of said sequence number and said 
replay mask being true. 
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42. (currently amended) The interceptor device according to claim 

41 , wherein: 

said controller is further configured to designate said received out- 
of-order packet as part of a replay attack. 

43. (currently amended) The interceptor device according to claim 

36, wherein: 

said controller is further configured to reject said received out-of- 
order packet in response to said sequence number falling outside said filter and 
said controller is further configured to designate said received out-of-order packet 
as part of a replay attack. 
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